zvelo On The Go: An Interview With Our Principal Engineer, Joshua Rubin We recently caught up with Joshua Rubin, our Principal Engineer, who provided some great insight into Go (Golang), one of the tools the engineers use here at zvelo. Why use Go instead of the the “older/mature” languages like C++ or even Java for…
I had the privilege of discussing the state of mobile phone payments systems, like Google Wallet, on a local radio station show called “Backbone Radio” in mid-February, 2012, which is co-hosted by Joshua Sharf. The segment aired on 710-AM KNUS in Denver and 1460-AM KZNT radio out of Colorado Springs.
Much has been said in the last few days about the security of the Android platform in general and Google Wallet specifically. One frequent question that has been asked of the Google Wallet PIN vulnerability we found is “should the average consumer be concerned about mobile device exploits that require root privileges?” The unfortunate answer is “yes.” The reason is that while it is true that this PIN vulnerability requires root privileges to succeed, it does not require that the device be rooted previously.
Cell phone-based credit card payments are a burgeoning industry. There is a great deal of backroom negotiation going on today among players like Google, Verizon, AT&T and T-Mobile. They each want to establish themselves as a middleman in what they are betting will be a trillion dollar a year industry. The stakes are very high.
Black Hat – Las Vegas 2011: Report #4 – DARPA’s “Cyber Fast Track” Program Excites the Private Security Sector
Day one at Black Hat was a hit; so naturally, I looked forward to day two. I sat through a keynote given by Peiter Zatko, better known as “Mudge,” who is a Program Manager at DARPA. Mudge announced a new DARPA initiative called “Cyber Fast Track.”
After Cofer’s talk, I settled into the “Next-Gen Web” track, which was smaller than the “threat intel” and “bit flow” tracks that drew big crowds. The first topic was on a new web protocol being developed by Google called SPDY (pronounced “speedy”). While interesting, the talk had little to do with security. The speaker was a young German who is heavily involved in the security sector, but his talk simply explained the protocol. I honestly could have gathered most of what he spoke about by reading the documentation and playing with some examples. I was not terribly impressed.